changeset 650:9e7c58e1725b

authentication.rst
author Sebastien Jodogne <s.jodogne@gmail.com>
date Tue, 27 Apr 2021 06:38:58 +0200
parents 22e3868d2eb1
children 507726da2ed6
files Sphinx/source/faq/authentication.rst
diffstat 1 files changed, 7 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/Sphinx/source/faq/authentication.rst	Mon Apr 26 18:41:12 2021 +0200
+++ b/Sphinx/source/faq/authentication.rst	Tue Apr 27 06:38:58 2021 +0200
@@ -14,6 +14,9 @@
 * In ``RegisteredUsers``, assign a username and a password to all your
   users.
 
+**Important:** Make sure to read the FAQ about :ref:`how to secure
+Orthanc <security>`.
+  
 Once a user has logged in, she will have full access, in read-write
 mode, to all the features offered by the REST API of Orthanc. This
 built-in mechanism might be of limited usefulness in enterprise
@@ -35,8 +38,10 @@
   `access control lists
   <https://en.wikipedia.org/wiki/Access_control_list>`__.
 * Develop a :ref:`C/C++ plugin <creating-plugins>` that uses the
-  ``OrthancPluginRegisterIncomingHttpRequestFilter()``.  This solution
-  is potentially useful if you wish to integrate with an LDAP server.
+  ``OrthancPluginRegisterIncomingHttpRequestFilter()``, or a
+  :ref:`Python plugin <python_authorization>` that uses
+  ``orthanc.RegisterIncomingHttpRequestFilter()``. This solution is
+  potentially useful if you wish to integrate with an LDAP server.
 * Use Orthanc as a reverse proxy (e.g. behind :ref:`nginx <nginx>`,
   :ref:`Apache <apache>`, or :ref:`Microsoft IIS <iis>`), and use the
   authentication mechanisms of the main Web server.